CERT mailing list archives
Understanding Firewalls for Home and Small Office Use
From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Mon, 10 Sep 2018 17:20:06 -0500
U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:

Understanding Firewalls for Home and Small Office Use [ https://www.us-cert.gov/ncas/tips/ST04-004 ]

Original release date: September 10, 2018

When your computer is accessible through an internet connection or Wi-Fi network, it is susceptible to attack. However, you can restrict outside access to your computer, and the information on it, with a firewall.

*What do firewalls do?*

Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary network traffic. Firewalls can also prevent malicious software from accessing a computer or network via the internet. Firewalls can be configured to block data from certain locations (i.e., computer network addresses), applications, or ports while allowing relevant and necessary data through. (See Understanding Denial-of-Service Attacks [ https://www.us-cert.gov/ncas/tips/ST04-015 ] and Understanding Hidden Threats: Rootkits and Botnets [ https://www.us-cert.gov/ncas/tips/ST06-001 ] for more information.)

*What type of firewall is best?*

Categories of firewalls include hardware and software. While both have advantages and disadvantages, the decision to use a firewall is more important than deciding which type you use.

* *Hardware* Typically called network firewalls, these physical devices are positioned between your computer and the internet (or other network connection). Many vendors and some internet service providers (ISPs) offer integrated small office / home office routers that also include firewall features. Hardware-based firewalls are particularly useful for protecting multiple computers and controlling the network activity that attempts to pass through them. The advantage of hardware-based firewalls is that they provide an additional line of defense against attacks reaching desktop computing systems.
The disadvantage is that they are separate devices that require trained professionals to support their configuration and maintenance.

* *Software* Most OSs include a built-in firewall feature that you should enable for added protection, even if you have an external firewall. Firewall software is also available separately from your local computer store, software vendor, or ISP. If you download firewall software from the internet, make sure it is from a reputable source (i.e., an established software vendor or service provider) and offered via a secure site. (See Understanding Web Site Certificates [ https://www.us-cert.gov/ncas/tips/ST05-010 ] for more information.) The advantage of software firewalls is their ability to control the specific network behavior of individual applications on a system. A significant disadvantage of a software firewall is that it is typically located on the same system that is being protected. Being located on the same system can hinder the firewall's ability to detect and stop malicious activity. Another possible disadvantage of software firewalls is that, if you have a firewall for each computer on a network, you will need to update and manage each computer's firewall individually.

*How do you know what configuration settings to apply?*

Most commercially available firewall products, both hardware and software based, come preconfigured and ready to use. Since each firewall is different, you will need to read and understand the documentation that comes with it to determine whether the default firewall settings are sufficient for your needs. This is particularly concerning because the default configuration is typically less restrictive, which could make your firewall more susceptible to compromise. Alerts about current malicious activity (e.g., NCCIC's Alerts [ https://www.us-cert.gov/ncas/alerts ]) sometimes include information about restrictions you can implement through your firewall.
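
An added illustration of the two points above (filtering by network address and port, and why a less restrictive default matters), not part of the US-CERT tip: a simplified first-match rule model in Python. The rule sets, addresses and ports are constructed for the example and do not describe any particular firewall product.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "block"
    source: str            # remote network the rule matches, in CIDR form
    port: Optional[int]    # local port the rule matches; None means any port

def decide(rules, default, src_ip, dst_port):
    """Return the action of the first matching rule, else the default policy."""
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        in_network = addr in ipaddress.ip_network(rule.source)
        if in_network and rule.port in (None, dst_port):
            return rule.action
    return default

# Hypothetical "less restrictive" default: allow everything except a blocklist.
PERMISSIVE = ([Rule("block", "203.0.113.0/24", None)], "allow")

# Hypothetical tightened configuration: block everything except what is needed.
RESTRICTIVE = ([Rule("allow", "192.168.1.0/24", 445)], "block")

# Constructed unsolicited inbound connection attempts: (remote address, local port).
ATTEMPTS = [
    ("192.168.1.20", 445),    # file sharing from the local network
    ("203.0.113.7", 3389),    # remote desktop from a blocklisted range
    ("198.51.100.9", 3389),   # remote desktop from an unlisted internet host
    ("198.51.100.9", 445),    # file sharing from an unlisted internet host
]

def allowed(config, attempts=ATTEMPTS):
    """List the attempts a configuration lets through."""
    rules, default = config
    return [a for a in attempts if decide(rules, default, *a) == "allow"]

def only_allowed_by_permissive():
    """Attempts that pass the permissive defaults but not the tightened rules."""
    tight = set(allowed(RESTRICTIVE))
    return [a for a in allowed(PERMISSIVE) if a not in tight]

if __name__ == "__main__":
    for name, config in (("permissive", PERMISSIVE), ("restrictive", RESTRICTIVE)):
        print(name, "allows:", allowed(config))
    print("exposed only under permissive defaults:", only_allowed_by_permissive())
```

The blocklist stops only the range it names; every other remote host still reaches the local services until the default itself is changed to block.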

Though properly configured firewalls may effectively block some attacks, do not be lulled into a false sense of security. Firewalls do not guarantee that your computer will not be attacked. Firewalls primarily help protect against malicious traffic, not against malicious programs (i.e., malware), and may not protect you if you accidentally install or run malware on your computer. However, using a firewall in conjunction with other protective measures (e.g., anti-virus software and safe computing practices) will strengthen your resistance to attacks. (See Good Security Habits [ https://www.us-cert.gov/ncas/tips/ST04-003 ] and Understanding Anti-Virus Software [ https://www.us-cert.gov/ncas/tips/ST04-005 ] for more information.)

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy.

A copy of this publication is available at www.us-cert.gov [ https://www.us-cert.gov ]. If you need help or have questions, please send an email to info () us-cert gov.